Re: [Tlf-devel] tlf segfault


From: Thomas Beierlein
Subject: Re: [Tlf-devel] tlf segfault
Date: Tue, 6 Oct 2009 19:05:47 +0200
User-agent: Mutt/1.5.17 (2007-11-01)

Hi Rein,

during the tests with the new GCC-4.4.1 and GLIBC-2.10 we found two
buffer overflows in string handling. Please see the attached diff for the fix.

The first fix not only fixes the buffer overflow but also corrects the
wrong handling of the month variable for muf predictions.

73, de Tom DL1JBE


-----------------------------------------------------------------------
--- src/clear_display.c.orig    2007-12-18 16:08:05.000000000 +0100
+++ src/clear_display.c 2009-10-06 07:25:30.000000000 +0200
@@ -100,10 +100,7 @@
  else
        strftime(time_buf, 60, "DIG %d-%b-%y %H:%M ",  time_ptr);
 
-strncat (month, time_buf + 2, 2);      /* month for muf calc */
-m = atoi ( month);
-if (m == 0)
-       m++;
+       m = time_ptr->tm_mon;           /* month for muf calc */
        
 mvprintw(12, 3,time_buf);
 
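Review bot: `m = time_ptr->tm_mon;` stores a 0-based month (0 for January through 11 for December), while the removed lines bumped `m` from 0 to 1, which suggests the MUF calculation expects 1..12. If that is the case this should be `m = time_ptr->tm_mon + 1;`, and the comment should state the expected range. With the `strncat` into `month` gone, the `month` buffer can be dropped from this function if nothing else uses it.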
--- src/displayit.c.orig        2009-10-06 16:27:22.000000000 +0200
+++ src/displayit.c     2009-10-06 16:45:31.000000000 +0200
@@ -39,7 +39,7 @@
                strncat(term2buf, termbuf,  strlen(termbuf) - 1  );
                strncat(term2buf, backgrnd_str, 81 - strlen(termbuf));   /* 
fill with blanks */
 
-               strcat(term2buf, "\n");
+               term2buf[80] = '\0';
                strcpy(terminal1, terminal2);
                strcpy(terminal2, terminal3);
                strcpy(terminal3, terminal4);
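Review bot: `term2buf[80] = '\0';` runs after both `strncat` calls, so it truncates the result but cannot stop those calls from writing past the end of `term2buf` first. The count `81 - strlen(termbuf)` in the context line is unsigned and wraps to a very large value when `termbuf` is longer than 81 characters, and `strlen(termbuf) - 1` wraps the same way for an empty `termbuf`. Suggest bounding each append by the space actually left (if `term2buf` is an array, `sizeof(term2buf) - strlen(term2buf) - 1`) instead of the literals 80 and 81, and mentioning in the commit message that the trailing newline is no longer appended, in case a consumer of `terminal1`..`terminal4` depended on it.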
-----------------------------------------------------------------------

On Mon, Oct 05, 2009 at 06:52:02PM +0200, Thomas Beierlein wrote:
> Hi Rein,
> 
> On Mon, Oct 05, 2009 at 03:02:18PM +0200, Rein Couperus wrote:
> > I will include the patch and release it this week.
> > 
> just wait a little bit with a new release. We just checked with the new
> gcc 4.4.1 and glibc 2.10. There are more problems to fix. 
> 
> I will look for it and keep you informed.
> 
> 73, de Tom DL1JBE.
> 
> > 
> > > -----Original Message-----
> > > From: "Thomas Beierlein" <address@hidden>
> > > Sent: 05.10.09 15:00:50
> > > To: address@hidden
> > > Subject: [Tlf-devel] tlf segfault
> > 
> > 
> > > Hi,
> > > 
> > > Tlf segfaults immediately after start on some machines here if started 
> > > with 'tlf -n' and if SPOTLIST is activated in logcfg.dat (as installed by
> > > default as example).
> > > 
> > > Found the reason in cluster_bg.c where in case of an empty spotlist tlf 
> > > uses 
> > > some negative indexes for array access (around lines 460..490) . Bummer!
> > > 
> > > The following diff fixes the problem. I hope Rein can integrate the patch 
> > > soon 
> > > and release a fixed version.
> > > 
> > > 73, de Tom DL1JBE
> > > 
> > > Patch follows here:
> > > 
> > > --- src/cluster_bg.c.orig 2009-10-03 09:14:28.000000000 +0200
> > > +++ src/cluster_bg.c      2009-10-02 08:25:40.000000000 +0200
> > > @@ -463,7 +463,10 @@
> > >  for (j=15; j < 23; j++)
> > >   mvprintw(j,4, "                           ");
> > >  
> > > -if (cluster == SPOTS) linepos = i - 8;
> > > +if (cluster == SPOTS){
> > > + linepos = i - 8;
> > > + if (linepos < 0) linepos = 0;
> > > +}
> > >  else linepos = 0;
> > >  
> > >  
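Review bot: the clamp `if (linepos < 0) linepos = 0;` covers only the lower bound of the window; the code that indexes from `linepos` is outside this hunk, and with fewer than 8 spots (`i < 8`) it should also stop at `i` rather than read 8 entries. The report mentions negative indexes around lines 460..490 while the hunk changes a single assignment, so it is worth confirming that every array access in that range derives from `linepos`. A short comment saying the clamp handles an empty or short spot list would help the next reader.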
> > > -- 
> > > "Do what is needful!"
> > > Ursula LeGuin: Earthsea
> > > --
> > > 
> > > 
> > > 
> > > _______________________________________________
> > > Tlf-devel mailing list
> > > address@hidden
> > > http://lists.nongnu.org/mailman/listinfo/tlf-devel
> > > 
> > 
> > -- 
> > http://pa0r.blogspirit.com
> 
> -- 
> "Do what is needful!"
> Ursula LeGuin: Earthsea
> --

-- 
"Do what is needful!"
Ursula LeGuin: Earthsea
--